Security News

Over 8 million COVID-19 test results leaked online
2021-02-25 02:00

Millions of COVID-19 test reports were found to be publicly accessible due to flawed online system implementation. The leak, comprising over 8 million COVID-19 test results, has been attributed to the Health and Welfare Department of West Bengal, India.

Revealed: The military radar system swiped from aerospace biz, leaked online by Clop ransomware gang
2021-02-24 20:04

A CAD drawing of a radar antenna stolen and leaked online by criminals is of a military radar system produced by defense contractor Leonardo and fitted to a number of US and UAE aircraft, The Register has learned. The Register can reveal Clop got its hands on at least one drawing of a Leonardo Seaspray 7500E radar antenna, and divulged on its Tor-hidden website a rendering of the hardware in some detail - without its external covers usually seen in promotional material.

Florida Water Plant Hack: Leaked Credentials Found in Breach Database
2021-02-12 15:34

Researchers say they found several stolen and leaked credentials for a Florida water-treatment plant, which was hacked last week. Researchers at CyberNews said they found 11 credential pairs linked to the Oldsmar water plant, in a 2017 compilation of stolen breach credentials.

Exposed Azure bucket leaked passports, IDs of volleyball reporters
2021-02-01 15:45

A publicly exposed cloud storage bucket was found to contain images of hundreds of passports and identity documents belonging to journalists and volleyball players from around the world. Reverse-image searches for headshots revealed that these well-known European volleyball players were either directly associated with CEV or were part of a volleyball team or federation affiliated with the CEV. BleepingComputer also found some of CEV's assets in the bucket, such as branding images with CEV logos on them.

The new Microsoft Edge browser will warn you if your password has been leaked online
2021-01-22 12:17

The new Edge 88 browser includes tough new security features, including a password generator and a tool for monitoring whether your login details have been exposed to the dark web. Microsoft Edge 88 is rolling out to users in the Stable channel alongside some new privacy-focused features, including a long-awaited credentials monitor and a built-in password generator.

Microsoft Edge gets a password generator, leaked credentials monitor
2021-01-21 13:05

Microsoft is rolling out a built-in password generator and a leaked credentials monitoring feature on Windows and macOS systems running the latest Microsoft Edge version. Microsoft Edge 88 now helps you improve the security of your online accounts with the password generator which suggests secure and strong passwords when updating existing credentials or signing up for new accounts.

Hackers leaked altered Pfizer data to sabotage trust in vaccines
2021-01-15 13:43

The European Medicines Agency today revealed that some of the stolen Pfizer/BioNTech vaccine candidate data was doctored by threat actors before being leaked online with the end goal of undermining the public's trust in COVID-19 vaccines. EMA is the decentralized agency that reviews and approves COVID-19 vaccines in the European Union, and the agency that evaluates, monitors, and supervises any new medicines introduced to the EU. "The ongoing investigation of the cyberattack on EMA revealed that some of the unlawfully accessed documents related to COVID-19 medicines and vaccines have been leaked on the internet," the agency disclosed today.

Millions of Social Profiles Leaked by Chinese Data-Scrapers
2021-01-11 21:54

The affected server, hosted by Tencent, was segmented into indices in order to store data obtained from each social-media source, which allowed researchers to look into the data further. "Our research team was able to determine that the entirety of the leaked data was 'scraped' from social-media platforms, which is both unethical and a violation of Facebook's, Instagram's and LinkedIn's terms of service," researchers said, in a Monday blog post.

Nissan NA source code leaked due to default admin:admin credentials
2021-01-08 03:36

Multiple code repositories from Nissan North America became public this week after the company left an exposed Git server protected with default access credentials. The entire collection is around 20 gigabytes large and contains source code for mobile apps and various tools used by Nissan internally for diagnostics, client acquisition, market research, or NissanConnect services.

Leading Game Publishers Hit Hard by Leaked-Credential Epidemic
2021-01-04 20:14

Leading gaming companies, such as Ubisoft, have become big targets for cybercriminals that aim to turn a profit by selling leaked insider-credentials tied to the top game publishers. More than 500,000 of the leaked credentials pertained to employees of leading game companies, according to the report published Monday.